Agentic AI is entering backend engineering fast — but most teams still struggle with one question: how do we introduce AI agents into security-critical systems without increasing our attack surface?
In this session, I’ll share practical lessons from building and securing backend services in fintech and at Booking.com, where I work on systems that store and process credit card data. Even as AI tooling evolves, the fundamentals of secure engineering still matter most — and I’ll show how these fundamentals translate into the age of agentic AI.
The talk focuses on realistic, easy-to-adopt patterns rather than idealized architectures. You’ll see how AI agents can support everyday engineering tasks such as code review, threat modeling, and secure coding checks, along with examples of where they help — and where they absolutely shouldn’t have access.
Key takeaways include:
– Concrete patterns for plugging AI agents into CI/CD and dev workflows
– Guardrails, identity boundaries, and blast-radius reduction for non-human actors
– Real examples of risk analysis applied to agent-involved workflows
– A short, actionable checklist for safely introducing agents into services that handle sensitive data
Whether you’re a security engineer, DevOps practitioner, platform owner, or AI developer, you’ll leave with practical guidelines for applying agentic AI inside security-critical backend systems — without compromising control.
Speaker
Marat Kenzhebulatov
Senior Software Engineer, Booking.com — Secure Services & AI Tooling
Senior engineer at Booking.com building secure backend systems with AI.
Free online courses and certifications. Join the 100K+ Neo4j experts.
Manuals for Neo4j products, Cypher, and drivers
Live and on-demand events, training, webinars, and demos
